What I am looking for
A way to filter access to a index view (planilhas) that is nested in a model called "Obra" based on either a user is associated or not to a particularly "Obra".
I'm trying to add filter_access_to the index action but my model, Planilha, is nested on Obra and I want to check if the current user is assigned to the Obra. So he/she can see all the Planilhas associated with that particular obra.
What I did
I already tried the following things in my Planilhas_controller
filter_access_to [:index], require: manage, context: obras, attribute_check: true
But the truth is that, according to the docs, it will try to find the context model thought the params[:id], which is not the case, i need it to be params[:obra_id]
I also tried to use the nested_in option in my controller, as follows:
filter_access_to [:index], require: :manage, nested_in: :obras, attribute_check: true
but, as expected, I can't access the index page because it doesn't find the Planilha's id.
My models are:
class User < ActiveRecord::Base
has_many :obras, through: :responsibilities
end
class Obra < ActiveRecord::Base
has_many :planilhas
has_many :users, through: :responsibilities
end
class Planilha < ActiveRecord::Base
belongs_to :obra
end
Thanks for the help
Update
I manage to solve this by creating a before_filter action who builds a object Planilha. I am not convinced that it is the best solution, but it worked.
Planilhas_Controller:
before_filter :set_planilha
def set_planilha
@planilha = !params[:id].nil? ? Planilha.find(params[:id]) : Planilha.new
end